How good are your anti-money laundering procedures?

First of all, do you have your own procedures? All firms should have their own procedures manual when it comes to anti-money laundering. Who would be high-risk clients for your firms? What are you going to do in terms of ID? How is the client information recorded? It may be digital, or it may be manual. Your manual should stipulate what you do internally as regulators will look for a procedures manual from everybody.

Part of the process will be risk assessment and demonstrating that you understand your clients. We need to make sure there are three levels of risk assessment.

Generic – look at your client base. Where are the risks of money laundering coming from? Typically we could be looking at tax evasion with clients by way of manipulating income and expenses so as to reduce the tax bill.

Risk Assessment – this needs to be done for each and every client. When we carry out money laundering reviews, we often find that this step is missing. This is necessary as this will help us determine not only how much due diligence we need to do for the client, but also to work out how much on-going monitoring needs to be carried out. It’s not just about identifying the client when they are new; it’s also about reviewing this process on an annual basis. When necessary, we will review a client’s transactions on a case sensitive basis.

Knowledge – part and parcel of this is demonstrating that you understand your clients. If we look at anti-money laundering training, we ask: “What is indicative of money laundering? What things do we need to look out for?” One of those might be that your client chops and changes his investments for no apparent reason, and this might be an indication of the layering process of money laundering, whereby people pass money through various different transactions so that people lose track of where that money originated from. Sometimes though, you may have a client that just plays with investments, and sometimes they may simply make daft decisions. If that’s the case, then you need to know that kind of thing in your client information file so that you have that knowledge in the background. When it comes to a bit of a heads up on any suspicious activity, you already know about the nature of their circumstances.

Do you know who you are working for?

Due diligence also relates to verifying the identity of your customer and also ascertaining who the beneficial owners of your client are. When it comes to relevant ID, if you have a normal risk client, then a standard money laundering ID would be to verify the identity of the customer by obtaining a passport or government issued photo ID. If they don’t have that, then standard ID would be a non- government piece of documentation, plus another. Therefore internal procedure should tell you what your firm is going to do in terms of ID. You might use some kind of electronic verification system – it should all be detailed in your procedures manual and this needs to be applied consistently within the practice.

Part of the due diligence process is making sure that you have documented who the beneficial owners of the company are. These are a separate category from your customer, and if we have a customer that will be the company, the beneficial owners will be anyone who owns more than 25 per cent of the share capital. We would probably look at doing a company search to verify the identity of the customer, and the beneficial owners should also be verified on a risk sensitive basis.

Keeping a trained eye

Firms also have to show to regulators that they have provided sufficient training for staff, and this could entail attending courses or reading newswires that attach to certain publications. We have to prove that the relevant staff have had the relevant training. By relevant staff, this means anybody who would have contact with the clients and is in a position to be able to pick up on money laundering activity.

Are you making sure your anti-money laundering procedures are working properly as prescribed? This means you need to carry out an annual anti-money laundering compliance review, or get a third party to do it for you. You must demonstrate this review is carried out every year.

Follow these procedures, and you should feel confident that you are keeping a clean bill of health for both yourself and your clients.

Keir Thomas-Bryant

Keir Thomas-Bryant is Sage’s dedicated content specialist for its accounting and accountant areas, with an interest in compliance issues like MTD and GDPR too. He has two decades of experience in practically every writing-related task – from editing magazines to authoring textbooks to blogging professionally.